Vulnerability in Okta Java_management_sdk

CVE-2025-66033

Okta Java Management SDK facilitates interactions with the Okta management API. In versions 21.0.0 through 24.0.0, specific multithreaded implementations may encounter memory issues as threads are not properly cleaned up after requests are…

EPSS: 0.002 (13.5th percentile).

CVSS v3 metric

CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2025-66033?
CVE-2025-66033 is a medium-severity vulnerability in Okta Java_management_sdk, classified under Missing Release of Memory after Effective Lifetime. CVSS score: 5.3/10. Published 2025-12-10.
How severe is CVE-2025-66033?
Medium severity. The CVSS v3 base score is 5.3 out of 10.